Advisory: *.com accepted as wildcard match in SSL/TLS name matching
Certificate authorities are expected to vet all certificate registrations, but may fail to prevent fraudulent or erroneous registrations. Certificates which use a wild card immediately before the top level domain, or nulls in the domain name, may pass validation checks in Opera. Sites using such certificates may then incorrectly be presented as secure.
Opera Software has released Opera 10.00, where this issue has been fixed.
Thanks to Dan Kaminsky for reporting this issue to Opera Software.